Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
avaya vulnerabilities and exploits
(subscribe to this query)
6.7
CVSSv3
CVE-2022-2249
Privilege escalation related vulnerabilities were discovered in Avaya Aura Communication Manager that may allow local administrative users to escalate their privileges. This issue affects Communication Manager versions 8.0.0.0 up to and including 8.1.3.3 and 10.1.0.0.
Avaya Aura Communication Manager 10.1.0.0
Avaya Aura Communication Manager
NA
CVE-2005-0506
The Avaya IP Office Phone Manager, and other products such as the IP Softphone, stores sensitive data in cleartext in a registry key, which allows local and possibly remote users to steal usernames and passwords and impersonate other users via keys such as Avaya\IP400\Generic.
Avaya Ip Office Phone Manager
Avaya Ip Soft Phone
1 EDB exploit
5.4
CVSSv3
CVE-2021-25656
Stored XSS injection vulnerabilities were discovered in the Avaya Aura Experience Portal Web management which could allow an authenticated user to potentially disclose sensitive information. Affected versions include 7.0 up to and including 7.2.3 (without hotfix) and 8.0.0 (witho...
Avaya Aura Experience Portal
Avaya Aura Experience Portal 8.0.0
NA
CVE-2007-5830
Unspecified vulnerability in the administrative interface in Avaya Messaging Storage Server (MSS) 3.1 before SP1, and Message Networking (MN) 3.1, allows remote malicious users to cause a denial of service via unspecified vectors related to "input validation."
Avaya Message Networking 3.1
Avaya Messaging Storage Server 3.1
NA
CVE-2007-3286
Multiple buffer overflows in unspecified ActiveX controls in COM objects in Avaya IP Softphone R5.2 before SP3, and R6.0, allow remote malicious users to execute arbitrary code via unspecified vectors.
Avaya Ip Soft Phone 6.0
Avaya Ip Soft Phone
NA
CVE-2008-6141
Unspecified vulnerability in Avaya IP Softphone 6.0 SP4 and 6.01.85 allows remote malicious users to cause a denial of service (crash) via a large amount of H.323 data.
Avaya Ip Soft Phone 6.01.85
Avaya Ip Soft Phone 6.0
NA
CVE-2005-4471
POP3 service in Avaya Modular Messaging Message Storage Server (MSS) 2.0 SP 4 and previous versions allows remote malicious users to cause a denial of service (infinite loop) via crafted packets.
Avaya Modular Messaging Message Storage Server 1.1
Avaya Modular Messaging Message Storage Server 2.0
Avaya Modular Messaging Message Storage Server
NA
CVE-2004-0212
Stack-based buffer overflow in the Task Scheduler for Windows 2000 and XP, and Internet Explorer 6 on Windows NT 4.0, allows local or remote malicious users to execute arbitrary code via a .job file containing long parameters, as demonstrated using Internet Explorer and accessing...
Microsoft Ie 6.0
Avaya Definity One Media Server
Avaya S8100
Avaya Ip600 Media Servers
Microsoft Windows 2000
Microsoft Windows Nt 4.0
Avaya Modular Messaging Message Storage Server S3400
Microsoft Windows Xp
2 EDB exploits
NA
CVE-2005-3989
Memory leak in Avaya TN2602AP IP Media Resource 320 circuit pack before vintage 9 firmware allows remote malicious users to cause a denial of service (memory consumption) via crafted VoIP packets.
Avaya Tn2602ap Ip Media Resource 320 Circuit Pack Vintage 5 Firmware
Avaya Tn2602ap Ip Media Resource 320 Circuit Pack Vintage 6 Firmware
Avaya Tn2602ap Ip Media Resource 320 Circuit Pack Vintage 7 Firmware
Avaya Tn2602ap Ip Media Resource 320 Circuit Pack
Avaya Tn2602ap Ip Media Resource 320 Circuit Pack Vintage 3 Firmware
Avaya Tn2602ap Ip Media Resource 320 Circuit Pack Vintage 4 Firmware
9.8
CVSSv3
CVE-2016-2783
Avaya Fabric Connect Virtual Services Platform (VSP) Operating System Software (VOSS) prior to 4.2.3.0 and 5.x prior to 5.0.1.0 does not properly handle VLAN and I-SIS indexes, which allows remote malicious users to obtain unauthorized access via crafted Ethernet frames.
Avaya Vsp Operating System Software
Avaya Vsp Operating System Software 5.0.0.0
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
cross-site request forgery
unauthorized
CVE-2024-33925
reflected XSS
CVE-2023-51580
CVE-2023-51579
CVE-2015-2051
CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »